Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[TT-1326] Update Solidty Foundry pipeline with Slither #13986

Merged
merged 68 commits into from
Aug 9, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
68 commits
Select commit Hold shift + click to select a range
4326696
More univeral lcov prunning
Tofel Aug 1, 2024
8d9ce26
update Shared code cov
Tofel Aug 1, 2024
3b8049d
exclude deleted files from Slither
Tofel Aug 1, 2024
27b8009
use single source of truth for all Solidity Foundry jobs
Tofel Aug 1, 2024
7c782ee
fix json
Tofel Aug 1, 2024
30aa2a6
compact output with jq
Tofel Aug 1, 2024
82d1f07
fix condition for fmt
Tofel Aug 1, 2024
eed761e
try to scope tests to changes
Tofel Aug 1, 2024
f9e116b
move matrix check to step level
Tofel Aug 1, 2024
5bef6d9
fix outputs path
Tofel Aug 1, 2024
d1f5f2c
trigger
Tofel Aug 1, 2024
6f5f25e
test with Automation change
Tofel Aug 1, 2024
3c06881
try with shared
Tofel Aug 1, 2024
033a062
run fmt also if any sol files were modified
Tofel Aug 1, 2024
9d18fde
fix job name in collect metrics
Tofel Aug 1, 2024
94ffafa
trigger pipeline only for localised change + update changes info
Tofel Aug 1, 2024
a7fac9f
add changeset
Tofel Aug 1, 2024
4bb7e46
remove test change
Tofel Aug 1, 2024
67c8a5d
do not run forge fmt if shared contracts have changed
Tofel Aug 2, 2024
d9bb6f2
Merge branch 'develop' into tt_1326_update_Sol_Foundry
Tofel Aug 2, 2024
f9b56c4
try artifact pipeline by hijacking hardhat
Tofel Aug 2, 2024
77f4a3e
Merge branch 'develop' into tt_1326_update_Sol_Foundry
Tofel Aug 5, 2024
cb083ee
# This is a combination of 2 commits.
Tofel Aug 5, 2024
9ecb156
CR changes + test them
Tofel Aug 5, 2024
7eedda5
remove test files
Tofel Aug 5, 2024
9028d69
do not run Slither for test files
Tofel Aug 5, 2024
f8aafb3
do not run fmt if test files were modified
Tofel Aug 5, 2024
468a157
remove unused config file
Tofel Aug 5, 2024
c4d75f1
Merge branch 'develop' into tt_1325_solidity_pipelines_genhtml
Tofel Aug 5, 2024
3cfe081
restore old Hardhat pipeline
Tofel Aug 5, 2024
88c3d73
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 5, 2024
0a49359
add missing transmission setup
Tofel Aug 5, 2024
f2b7bd7
fix basic info condition, join 2 steps into 1, define higher-level co…
Tofel Aug 6, 2024
d7d07ad
define actions for installing Slither and solc-select
Tofel Aug 6, 2024
678f310
run all tests also if package.json changes; run them on all non_src c…
Tofel Aug 6, 2024
7b6e1ac
add action for validating whether all Slither reports and UML diagram…
Tofel Aug 6, 2024
ff9b2d9
fetch origin in validation action
Tofel Aug 6, 2024
e2912cc
compare with HEAD in validate action
Tofel Aug 6, 2024
77c7869
compare with origin in validation action
Tofel Aug 6, 2024
6ce8e85
handle both csv and shell arrays in the validation action
Tofel Aug 6, 2024
76594e1
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 6, 2024
c2b8b48
update artifact pipeline with new actions
Tofel Aug 6, 2024
b38792b
Merge branch 'develop' into tt_1325_solidity_pipelines_genhtml
Tofel Aug 6, 2024
e05a9b4
fix workflow after tests
Tofel Aug 6, 2024
d845abe
fix how validation actions works with commits
Tofel Aug 6, 2024
26a5cf3
Merge branch 'develop' into tt_1326_update_Sol_Foundry
Tofel Aug 6, 2024
7d911da
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 6, 2024
03f48a9
treat shared as any other product
Tofel Aug 7, 2024
7b472a8
small fixes
Tofel Aug 7, 2024
024e9e3
apply CR changes
Tofel Aug 7, 2024
a222fe7
remove special handling for deleted files
Tofel Aug 7, 2024
aa0af66
remove apt-get update
Tofel Aug 7, 2024
60e548d
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 7, 2024
8e22de6
use only dorny/paths
Tofel Aug 7, 2024
afdef19
remove unused input
Tofel Aug 7, 2024
7b7b9dd
CR changes: use dorny/paths with quantifier, move scope validation to…
Tofel Aug 7, 2024
0928fb9
fix workflow
Tofel Aug 7, 2024
27a5834
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 7, 2024
7d46431
fail bash scripts on erors
Tofel Aug 8, 2024
df771e3
add set -euo pipefail to bash scripts
Tofel Aug 8, 2024
1fb00d2
define action to detect foundry version
Tofel Aug 8, 2024
2034917
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 8, 2024
a18c5ad
fix select solc version script, better slither report output
Tofel Aug 8, 2024
32addb7
checkout repo
Tofel Aug 8, 2024
91fb818
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 8, 2024
8c9d3c4
add id
Tofel Aug 8, 2024
699c541
Merge branch 'tt_1326_update_Sol_Foundry' into tt_1325_solidity_pipel…
Tofel Aug 8, 2024
c286f72
Merge pull request #14015 from smartcontractkit/tt_1325_solidity_pipe…
Tofel Aug 9, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions .github/actions/detect-solidity-foundry-version/action.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: 'Detect Foundry version in GNUmakefile'
description: 'Detects Foundry version in GNUmakefile'
inputs:
working-directory:
description: 'The GNUmakefile directory'
required: false
default: 'contracts'
outputs:
foundry-version:
description: 'Foundry version found in GNUmakefile'
value: ${{ steps.extract-foundry-version.outputs.foundry-version }}
runs:
using: 'composite'
steps:
- name: Extract Foundry version
id: extract-foundry-version
shell: bash
working-directory: ${{ inputs.working-directory }}
run: |
foundry_version=$(grep -Eo "foundryup --version [^ ]+" GNUmakefile | awk '{print $3}')
if [ -z "$foundry_version" ]; then
echo "::error::Foundry version not found in GNUmakefile"
exit 1
fi
echo "Foundry version found: $foundry_version"
echo "foundry-version=$foundry_version" >> $GITHUB_OUTPUT
10 changes: 10 additions & 0 deletions .github/actions/setup-slither/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
name: Setup Slither
description: Installs Slither 0.10.3 for contract analysis. Requires Python 3.6 or higher.
runs:
using: composite
steps:
- name: Install Slither
shell: bash
run: |
python -m pip install --upgrade pip
pip install slither-analyzer==0.10.3
30 changes: 30 additions & 0 deletions .github/actions/setup-solc-select/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
name: Setup Solc Select
description: Installs Solc Select, required versions and selects the version to use. Requires Python 3.6 or higher.
inputs:
to_install:
description: Comma-separated list of solc versions to install
required: true
to_use:
description: Solc version to use
required: true

runs:
using: composite
steps:
- name: Install solc-select and solc
shell: bash
run: |
pip3 install solc-select
sudo ln -s /usr/local/bin/solc-select /usr/bin/solc-select

IFS=',' read -ra versions <<< "${{ inputs.to_install }}"
for version in "${versions[@]}"; do
solc-select install $version
if [ $? -ne 0 ]; then
echo "Failed to install Solc $version"
exit 1
fi
done

solc-select install ${{ inputs.to_use }}
solc-select use ${{ inputs.to_use }}
103 changes: 103 additions & 0 deletions .github/actions/validate-artifact-scope/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
name: Validate Artifact Scope
description: Checks there are any modified Solidity files outside of the specified scope. If so, it prints a warning message, but does not fail the workflow.
inputs:
product:
description: The product for which the artifacts are being generated
required: true
sol_files:
description: Comma-separated (CSV) or space-separated (shell) list of Solidity files to check
required: true

runs:
using: composite
steps:
- name: Transform input array
id: transform_input_array
shell: bash
run: |
is_csv_format() {
local input="$1"
if [[ "$input" =~ "," ]]; then
return 0
else
return 1
fi
}

is_space_separated_string() {
local input="$1"
if [[ "$input" =~ ^[^[:space:]]+([[:space:]][^[:space:]]+)*$ ]]; then
return 0
else
return 1
fi
}

array="${{ inputs.sol_files }}"

if is_csv_format "$array"; then
echo "::debug::CSV format detected, nothing to do"
echo "sol_files=$array" >> $GITHUB_OUTPUT
exit 0
fi

if is_space_separated_string "$array"; then
echo "::debug::Space-separated format detected, converting to CSV"
csv_array="${array// /,}"
echo "sol_files=$csv_array" >> $GITHUB_OUTPUT
exit 0
fi

echo "::error::Invalid input format for sol_files. Please provide a comma-separated (CSV) or space-separated (shell) list of Solidity files"
exit 1

- name: Check for changes outside of artifact scope
shell: bash
run: |
echo "::debug::All modified contracts:"
echo "${{ steps.transform_input_array.outputs.sol_files }}" | tr ',' '\n'
if [ "${{ inputs.product }}" = "shared" ]; then
excluded_paths_pattern="!/^contracts\/src\/v0\.8\/interfaces/ && !/^contracts\/src\/v0\.8\/${{ inputs.product }}/ && !/^contracts\/src\/v0\.8\/[^\/]+\.sol$/"
else
excluded_paths_pattern="!/^contracts\/src\/v0\.8\/${{ inputs.product }}/"
fi
echo "::debug::Excluded paths: $excluded_paths_pattern"
unexpected_files=$(echo "${{ steps.transform_input_array.outputs.sol_files }}" | tr ',' '\n' | awk "$excluded_paths_pattern")
missing_files=""
set -e
set -o pipefail
if [[ -n "$unexpected_files" ]]; then
products=()
productsStr=""
IFS=$'\n' read -r -d '' -a files <<< "$unexpected_files" || true
echo "Files: ${files[@]}"

for file in "${files[@]}"; do
missing_files+="$file,"

product=$(echo "$file" | awk -F'src/v0.8/' '{if ($2 ~ /\//) print substr($2, 1, index($2, "/")-1); else print "shared"}')
if [[ ! " ${products[@]} " =~ " ${product} " ]]; then
products+=("$product")
productsStr+="$product, "
fi
done
productsStr=${productsStr%, }

set +e
set +o pipefail

missing_files=$(echo $missing_files | tr ',' '\n')

echo "Error: Found modified contracts outside of the expected scope: ${{ inputs.product }}"
echo "Files:"
echo "$missing_files"
echo "Action required: If you want to generate artifacts for other products ($productsStr) run this workflow again with updated configuration"

echo "# Warning!" >> $GITHUB_STEP_SUMMARY
echo "## Reason: Found modified contracts outside of the expected scope: ${{ inputs.product }}" >> $GITHUB_STEP_SUMMARY
echo "### Files:" >> $GITHUB_STEP_SUMMARY
echo "$missing_files" >> $GITHUB_STEP_SUMMARY
echo "## Action required: If you want to generate artifacts for other products ($productsStr) run this workflow again with updated configuration" >> $GITHUB_STEP_SUMMARY
else
echo "No unexpected files found."
fi
115 changes: 115 additions & 0 deletions .github/actions/validate-solidity-artifacts/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,115 @@
name: Validate Solidity Artifacts
description: Checks whether Slither reports and UML diagrams were generated for all necessary files. If not, a warning is printed in job summary, but the job is not marked as failed.
inputs:
slither_reports_path:
description: Path to the Slither reports directory (without trailing slash)
required: true
uml_diagrams_path:
description: Path to the UML diagrams directory (without trailing slash)
required: true
validate_slither_reports:
description: Whether Slither reports should be validated
required: true
validate_uml_diagrams:
description: Whether UML diagrams should be validated
required: true
sol_files:
description: Comma-separated (CSV) or space-separated (shell) list of Solidity files to check
required: true

runs:
using: composite
steps:
- name: Transform input array
id: transform_input_array
shell: bash
run: |
is_csv_format() {
local input="$1"
if [[ "$input" =~ "," ]]; then
return 0
else
return 1
fi
}

is_space_separated_string() {
local input="$1"
if [[ "$input" =~ ^[^[:space:]]+([[:space:]][^[:space:]]+)*$ ]]; then
return 0
else
return 1
fi
}

array="${{ inputs.sol_files }}"

if is_csv_format "$array"; then
echo "::debug::CSV format detected, nothing to do"
echo "sol_files=$array" >> $GITHUB_OUTPUT
exit 0
fi

if is_space_separated_string "$array"; then
echo "::debug::Space-separated format detected, converting to CSV"
csv_array="${array// /,}"
echo "sol_files=$csv_array" >> $GITHUB_OUTPUT
exit 0
fi

echo "::error::Invalid input format for sol_files. Please provide a comma-separated (CSV) or space-separated (shell) list of Solidity files"
exit 1

- name: Validate UML diagrams
if: ${{ inputs.validate_uml_diagrams == 'true' }}
shell: bash
run: |
echo "Validating UML diagrams"
IFS=',' read -r -a modified_files <<< "${{ steps.transform_input_array.outputs.sol_files }}"
missing_svgs=()
for file in "${modified_files[@]}"; do
svg_file="$(basename "${file%.sol}").svg"
if [ ! -f "${{ inputs.uml_diagrams_path }}/$svg_file" ]; then
echo "Error: UML diagram for $file not found"
missing_svgs+=("$file")
fi
done

if [ ${#missing_svgs[@]} -gt 0 ]; then
echo "Error: Missing UML diagrams for files: ${missing_svgs[@]}"
echo "# Warning!" >> $GITHUB_STEP_SUMMARY
echo "## Reason: Missing UML diagrams for files:" >> $GITHUB_STEP_SUMMARY
for file in "${missing_svgs[@]}"; do
echo " $file" >> $GITHUB_STEP_SUMMARY
done
echo "## Action required: Please try to generate artifacts for them locally or using a different tool" >> $GITHUB_STEP_SUMMARY
else
echo "All UML diagrams generated successfully"
fi

- name: Validate Slither reports
if: ${{ inputs.validate_slither_reports == 'true' }}
shell: bash
run: |
echo "Validating Slither reports"
IFS=',' read -r -a modified_files <<< "${{ steps.transform_input_array.outputs.sol_files }}"
missing_reports=()
for file in "${modified_files[@]}"; do
report_file="$(basename "${file%.sol}")-slither-report.md"
if [ ! -f "${{ inputs.slither_reports_path }}/$report_file" ]; then
echo "Error: Slither report for $file not found"
missing_reports+=("$file")
fi
done

if [ ${#missing_reports[@]} -gt 0 ]; then
echo "Error: Missing Slither reports for files: ${missing_reports[@]}"
echo "# Warning!" >> $GITHUB_STEP_SUMMARY
echo "## Reason: Missing Slither reports for files:" >> $GITHUB_STEP_SUMMARY
for file in "${missing_reports[@]}"; do
echo " $file" >> $GITHUB_STEP_SUMMARY
done
echo "## Action required: Please try to generate artifacts for them locally" >> $GITHUB_STEP_SUMMARY
else
echo "All Slither reports generated successfully"
fi
Loading
Loading